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Top Stories 

• Realty Capital Securities LLC was charged by Massachusetts financial regulators 
November 12 for allegedly impersonating shareholders to use their stocks to vote on 
corporate governance. - Boston Globe (See item 6) 

• Altaf Khanani Money Laundering Organization and A1 Zarooni Exchange were sanctioned 
as transnational criminal organizations November 12 after investigators determined that the 
organizations were laundering billions of dollars. - U.S. Department of the Treasury (See 
item 7) 

• Princess Cruises reported November 12 that travelers were stranded on a ship after docking 
in Los Angeles following a U.S. Customs and Border Protection computer failure. - KTLA 
5 Los Angeles (See item 10) 

• Securus Technologies announced November 12 that it is investigating an alleged breach of 
its systems and stated that its system was not hacked by an outside, but likely breached by 
an internal employee. - International Business Times (See item 26) 
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Energy Sector 



Nothing to report 

Chemical Industry Sector 

Nothing to report 

Nuclear Reactors, Materials, and Waste Sector 

1. November 13, Hazleton Standard Speaker - (Pennsylvania) Nuclear reactor shut 
down. The U.S. Nuclear Regulatory Commission announced November 13 that a 
preliminary investigation into the shutdown of the Unit 1 reactor at Talen Energy’s 
Susquehanna Nuclear plant in Salem Township November 12 indicates that the reactor 
tripped due to high pressure levels while workers were testing a main steam line. The 
investigation into the automatic shutdown is ongoing and the unit remains in stable and 
safe condition. 

Source: http://standardspeaker.com/news/nuclear-reactor-shut-down- 1.197 1058 

Critical Manufacturing Sector 

2. November 13, U.S. Environmental Protection Agency - (Pennsylvania) MI Metals 
settles hazardous waste storage violations at Millersburg, Pa. facility. 
Pennsylvania-based MI Metals agreed to pay a $58,816 penalty November 12 to the 
U.S. Environmental Protection Agency to settle alleged violations after an inspection at 
the company’s Millersburg manufacturing facility found violations of the Resource 
Conservation and Recovery Act for failing to properly store hazardous materials. 
Source: 

http://vosemite.epa.gOv/opa/admpress.nsf/Q/012DDDA435603B7C85257EFB005512D 
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3. November 12, U.S. Consumer Product Safety Commission - (International) Mahindra 
USA recalls compact tractors due to fire hazard. Mahindra USA, Inc., issued a 
recall November 12 for approximately 2,000 eMax Compact Tractors in the U.S. and 
about 100 models in Canada, due to a potential fuel line break issue that can cause a 
fire. The company has received 61 reports of cracks in the fuel tank pump. 

Source: http://www.cpsc.gov/en/Recalls/Recall-Alerts/2016/Mahindra-USA-Recalls- 
Compact-Tractors/ 

Defense Industrial Base Sector 

Nothing to report 

Financial Services Sector 

4. November 12, Securityweek - (National) New PoS malware delivered via malicious 
docs, exploit kit. Researchers from Proofpoint observed the “AbaddonPOS” point-of- 
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sale (PoS) malware and determined that it was being widely distributed with the aid 
compromised Microsoft Word documents designed to download information-stealing 
threats. Once the malware infects the system, it targets the memory of all processes in 
track 1 and track 2 data associated with payment cards. 

Source: http://www.securityweek.com/new-pos-malware-delivered-malicious-docs- 
exploit-kit 

5. November 12, Orange County Daily Pilot - (California) Newport lawyer accused of 
$8 million investment scam pleads guilty to 3 felonies. A former attorney from 
Orange County pleaded guilty to 2 felony counts of wire fraud and 1 felony count of 
tax evasion November 12 for misleading investors by collecting their investment 
money and spending it on personal expenses, netting at least $8 million. 

Source: http://www.latimes.com/socal/dailv-pilot/news/tn-dpt-me-1113-kang-plea- 
20151112-story.html 



6. November 12, Boston Globe - (Massachusetts) Secretary of State alleges corporate- 
voting fraud at Realty Capital Securities. Boston-based Realty Capital Securities 
LLC was charged by Massachusetts financial regulators November 12 for allegedly 
impersonating shareholders to use their stocks to vote on corporate governance, which 
included a proxy vote that was used for a proposed $378 million deal and another that 
would have given New York investors who controlled the company more control over 
Business Development Corp. of America. 

Source: https://www.bostonglobe.com/business/2015/ll/12/galvin-alleges-corporate- 
voting-fraud-realtv-capital-securities/YbDnvUvM6nxJ8NbJEM0moK/story.html 

7. November 12, U.S. Department of the Treasury - (International) Treasury sanctions 
the Khanani Money Laundering Organization. The U.S. Department of the 
Treasury’s Office of Foreign Assets Control announced November 12 that the Altaf 
Khanani Money Laundering Organization (Khanani MLO) and Dubai-based money 
services company A1 Zarooni Exchange were sanctioned as transnational criminal 
organizations after investigators determined that the organizations were knowingly 
laundering billions of dollars to organized crime groups, drug trafficking organizations, 
and designated global terrorist groups. 

Source: http://www.treasury.gov/press-center/press-releases/Pages/ilQ265.aspx 

8. November 10, WF1E 14 Evansville - (Indiana) 36 people charged in fraud scheme 
involving staged car wrecks in the Tri-State. Thirty suspects out of the 36 people 
allegedly involved in a scheme to defraud insurance companies out of more than 
$600,000 in false insurance claims over a 4 year period were served warrants 
November 10 in Indiana. The suspect’s recruited people to participate in staged crashes 
and trained them how to act in order to file false insurance claims and run up medical 
bills through hospital stays. 

Source: http://www.14news.com/story/30484469/36-people-charged-in-fraud-scheme- 
involving-staged-car-wrecks-in-the-tri-state 
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Transportation Systems Sector 



9. November 13, Calaveras Enterprise - (California) Cement truck accident closes 
Highway 49 south of Angels Camp. Highway 49 at the Stevenot Bridge was shut 
down for more than 3 hours November 12 after a fully-loaded semi-truck hauling 
cement, overturned and injured the driver. 

Source: http://www.calaverasenterprise.com/news/article 7bl9c42e-899e-l Ie5-b007- 
8b43c54c3b47.html 

10. November 12, KTLA 5 Los Angeles - (California) Computer glitch leaves passengers 
stranded for hours after cruise ship arrives in San Pedro. A Princess Cruises 
spokesperson reported November 12 that 30 percent of the Star Princess’s 2,600 
travelers were temporarily stranded on the ship after docking in San Pedro, Los 
Angeles while crews manually processed passengers following a U.S. Customs and 
Border Protection computer failure. Officials reported that the incident was a result of a 
computer glitch and not a cyber-attack. 

Source: http://ktla.com/2015/ll/12/computer-glitch-leaves-passengers-stranded-for- 
hours-after-cruise-ship-arrives-in-san-pedro/ 

11. November 12, Plymouth-Canton Patch - (Michigan) Tanker truck driver died 
instantly in crash. Interstate 275 in Wayne County was shut down for several hours 
November 12 while crews worked to remove debris following a 2-vehicle crash 
involving a semi-truck and a Wayne County Road Commission vehicle that killed 1 
person. 

Source: http://patch.com/michigan/plymouth-mi/breaking-msp-savs-avoid-area-fatal- 
crash-near-canton 

12. November 12, WJXX 26 Orange Park; WTLV 12 Jacksonville - (Florida) American 
Airlines flight makes emergency landing at JIA. An American Airlines flight headed 
to Dallas returned to Jacksonville International Airport in Florida for an emergency 
landing November 12 due to mechanical issues. The plane, carrying 140 passengers, 
landed safely and maintenance crews were dispatched to inspect the aircraft. 

Source: http://www.firstcoastnews.com/story/news/local/2015/ll/12/flight-makes- 
emergenc y-landin g-j acksonville/7 5673748/ 

Food and Agriculture Sector 

13. November 12, U.S. Food and Drug Administration - (National) Trader Joe’s issues 
voluntary allergy alert on tree nuts in Trader Giotto’s Butternut Squash 
Triangoli. California-based Trader Joe’s issued a nationwide recall November 12 for 
refrigerated packages of Trader Giotto’s Butternut Squash Triangoli products due to 
misbranding and undeclared tree nuts. The problem was discovered after several 
customers reported allergic reactions following consumption of the products. 

Source: http://www.fda.gov/Safety/Recalls/ucm472440.htm 

14. November 12, U.S. Food and Drug Administration - (National) Homestat Farm 
recalls Organic Steel Cut Oats & Chia with Flax and Rye Flakes because of 
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possible health risk. Dublin, Ohio-based Homestat Farm issued a voluntary recall 
November 12 for 42 ounce cartons of Organic Steel Cut Oats & Chia with Flax and 
Rye Flakes after a supplier discovered that the flax seed ingredient may be 
contaminated with Salmonella. The recall was initiated after contamination was found 
in flax seed provided to another customer. 

Source: http://www.fda.gov/Safety/Recalls/ucm472490.htm 

15. November 12, U.S. Food and Drug Administration - (National) SpaghettiOs Original 
14.2oz cans recalled due to potential choking hazard. Campbell Soup Company 
issued a nationwide recall November 12 for 355,000 cans of its SpaghettiOs Original 
soup packaged in 14.2 ounce cans after consumer complaints revealed that the parts of 
the plastic can lining may peel off and present a choking hazard. 

Source: http://www.fda.gov/Safetv/Recalls/ucm472508.htm 

Water and Wastewater Systems Sector 

16. November 12, WOOD 8 Grand Rapids - (Michigan) Shelby under boil water 
advisory. The Village of Shelby in Michigan was issued a boil-water advisory 
November 12 until further notice after its water system tested positive for Coliform 
bacteria. 

Source: http ://woodtv .com/20 15/11/1 2/shelb y-under-boil- water- advisory/ 

Healthcare and Public Health Sector 

17. November 12, Salt Lake City Deseret News - (Utah) Hepatitis C investigation 
expands to second hospital. Davis Hospital and Medical Center in Layton will notify 
2,369 patients November 12 stating that they may have been exposed to hepatitis C 
after a patient at McKay-Dee Hospital contracted the blood-bome pathogen allegedly 
from a former nurse who stole morphine and Dilaudid. Davis Hospital issued alerts 
after investigators discovered that the nurse was previously employed and let go from 
the hospital for stealing intravenous Benadryl. 

Source: http://www.deseretnews.com/article/8656414Ql/Hepatitis-C-investigation- 
expands-to-second-hospital.html?pg=all 

Government Facilities Sector 

18. November 13, Oakland Press - (Michigan) Rochester High School closed due to 
power outage. A power outage prompted the closure of Rochester High School in 
Michigan November 12 while crews worked to restore service. 

Source: http://www.theoaklandpress.com/general-news/20151 1 12/rochester-high- 
school-closed-due-to-power-outage 

19. November 13, Poughkeepsie Journal - (New York) Anonymous threat locks down 
Marist campus. All classes were cancelled at Maris College in Poughkeepsie 
November 13 until further notice while police investigated an anonymous online threat 
made against the college. Students in dormitories were ordered to stay indoors during 
the investigation. 
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Source: 

http://www.poughkeepsieioumal.com/storv/news/local/2015/ll/13/annoymous-threat- 

locks-down-marist-campus/75695892/ 

20. November 13, WXIN 59 Indianapolis - (Indiana) Nine students suffer minor injuries 
after hit-and-run crash on northwest side. An accident involving a Lincoln Middle 
School bus and a truck left nine students injured in Indianapolis November 13. Police 
are searching for the truck, which fled the scene. 

Source: http ://fox5 9 .com/20 15/11/1 3/pike-to wnship-school-bus-involved-in-accident- 
on-northwest-side-multiple-injuries-reported/ 

21. November 12, KAKE 10 Wichita - (Kansas) 6,000 acres scorched in Cowley County 
grass fire. Crews worked to contain a grass fire November 12 that burned 6,000 acres 
in Cowley County. 

Source: http://www.kake.com/home/headlines/Crews-battle-grass-fire-at-Butler- 
Cowlev-county-line-346 1 5 8322.html 

Emergency Services Sector 

22. November 12, Foster’s Daily Democrat - (New Hampshire) Computer virus infects 
county dispatch center. The Strafford County chief deputy announced November 12 
that computers at the Strafford County Regional Dispatch Center in Dover were 
infected by the CryptoLocker ransomware which severely limited the amount of data 
utilized by both dispatchers and emergency personnel on the field. Officials were able 
to isolate the virus and are working on bringing systems back online. 

Source: http://www.fosters.com/article/20151 1 12/NEWS/151 119727 

For another story, see item 26 

Information Technology Sector 

23. November 13, Securityweek- (International) Flaw in “Spring Social” puts user 
accounts at risk. Researchers at SourceClear (SRC:CLR) discovered that a 
vulnerability in Pivotal Software’s Spring Social authentication feature can be 
exploited via a specially crafted Uniform Resource Locator (URL) that bypasses the 
cross-site request forgery (CSRF) protection to link an attacker’s account, on a similar 
service to GitHub or Facebook, with a victim’s account on a compromised Web site. 
Pivotal Software patched the vulnerability with the release of Spring Social Core 
update. 

Source: http://www.securityweek.com/flaw-spring-social-puts-user-accounts-risk 

24. November 12, The Register - (International) Jenkins plugs 11 security holes with two 
updates. Jenkins released Versions 1.638 and 1.625.2 for its open source integration 
tool that patched 1 1 critical security vulnerabilities including a zero-day vulnerability 
that exploited Jenkins CLI subsystem; a secret key flaw that allowed attackers to 
connect as slaves, take over Jenkins systems, and access private data; and a critical flaw 
that used unsafe deserialization, allowing remote attackers to run arbitrary code on the 
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Jenkins master, among other vulnerabilities. 

Source: http://www.theregister.co.uk/2015/ll/12/jenkins security update/ 

25. November 12, The Register - (International) Latest Android phones hijacked with 
tidy one-stop-Chrome-pop. A researcher from Quihoo 360 discovered, and reported 
during the MobilePwn20wn event at the PacSec security conference, a single clean 
exploit in Google’s Chrome browser for Android via its JavaScript v8 engine that does 
not require several chained vulnerabilities to gain access and load software without user 
interaction once a user visits a malicious Web site. 

Source: http://www.theregister.co.Uk/2015/l 1/12/mobile pwn2own/ 

For additional stories, see items 4 and 22 

Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 



Communications Sector 



26. November 12, International Business Times - (National) Securus Technologies: A 
rogue employee, not a hacker, exposed 70 million inmate calls. Securus 
Technologies announced November 12 that it is investigating an alleged breach of its 
systems that provides phone service to incarcerated people around the U.S., and stated 
that its system was not hacked by an outside, but likely breached by an internal 
employee. An investigation into the breach, which reportedly includes unauthorized 
access to over 70 million recorded prison phone conversations, is ongoing. 

Source: http://www.ibtimes.com/securus-technologies-rogue-emplovee-not-hacker- 
exposed-70-million-inmate-calls-2 181819 

Commercial Facilities Sector 

27. November 13, Santa Rosa Press Democrat - (California) Fire damages 102-year-old 
church in Monte Rio. A November 12 fire caused an estimated $300,000 dollars in 
damage to the St. Catherine’s Catholic Church in Monte Rio after it began in a storage 
closet in the rear of the church. The blaze was contained and no injuries were reported. 
Source: http://www.pressdemocrat.com/news/4747143-181/fire-damages-102-year-old- 
church-in 

28. November 12, WFAA 8 Dallas - (Texas) Fort Worth fire affects 50 apartment 
residents. A 2-alarm fire November 12 at a Fort Worth apartment complex displaced 
22 people and left 20 others without power overnight after at least 8 apartment units 
were destroyed. Fire crews extinguished the blaze and officials worked to secure a 
place for displaced residents. 

Source: http://www.wfaa.eom/storv/news/local/tarrant-county/2015/l 1/12/fort-worth- 
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fire-affects-50-apartment-residents/75685250/ 



Dams Sector 



Nothing to report 



NTAS 
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Department of Homeland Security (DHS) 

DHS Daily Open Source Infrastructure Report Contact Information 

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday 
through Friday] summary of open-source published information concerning significant critical 
infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for 10 days on 
the Department of Homeland Security Web site: http://www.dhs.gov/lPDailyReport 

Contact Information 

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS 

Daily Report Team at (703) 942-8590 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow 

instructions to Get e-mail updates when this information changes . 

Removal from Distribution List: Send mail to support @ govdelivery.com . 



Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert. gov . 

Department of Homeland Security Disclaimer 

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform 
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright 
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source 
material. 
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